[Defect description]:
The test case 4.14-ensure-address-space-layout-randomization-(ASLR)-is-enabled.sh in the security-benchmark test suite fails.

Test log:
# sh 4.27-ensure-no-ungrouped-files-or-directories-exist.sh
fail

Reproduction environment: anck 5.10 x86 physical machine
Reproduction probability: reproduces every time

Kernel information:
# uname -r
5.10.134-81.git.c8c2ab7ed4.an8.x86_64

Operating system information:
# cat /etc/os-release
NAME="Anolis OS"
VERSION="8.8"
ID="anolis"
ID_LIKE="rhel fedora centos"
VERSION_ID="8.8"
PLATFORM_ID="platform:an8"
PRETTY_NAME="Anolis OS 8.8"
ANSI_COLOR="0;31"
HOME_URL="https://openanolis.cn/"

CPU information:
# lscpu
Architecture:        x86_64
CPU op-mode(s):      32-bit, 64-bit
Byte Order:          Little Endian
CPU(s):              24
On-line CPU(s) list: 0-23
Thread(s) per core:  2
Core(s) per socket:  12
Socket(s):           1
NUMA node(s):        1
Vendor ID:           GenuineIntel
BIOS Vendor ID:      Intel
CPU family:          6
Model:               63
Model name:          Intel(R) Xeon(R) CPU E5-2680 v3 @ 2.50GHz
BIOS Model name:     Intel(R) Xeon(R) CPU E5-2680 v3 @ 2.50GHz
Stepping:            2
CPU MHz:             1378.586
CPU max MHz:         2500.0000
CPU min MHz:         1200.0000
BogoMIPS:            4988.30
Virtualization:      VT-x
L1d cache:           32K
L1i cache:           32K
L2 cache:            256K
L3 cache:            30720K
NUMA node0 CPU(s):   0-23
Flags:               fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx pdpe1gb rdtscp lm constant_tsc arch_perfmon pebs bts rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 sdbg fma cx16 xtpr pdcm pcid dca sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand lahf_lm abm cpuid_fault epb invpcid_single pti intel_ppin ssbd ibrs ibpb stibp tpr_shadow vnmi flexpriority ept vpid ept_ad fsgsbase tsc_adjust bmi1 avx2 smep bmi2 erms invpcid cqm xsaveopt cqm_llc cqm_occup_llc dtherm arat pln pts md_clear flush_l1d

Memory information:
# free -h
              total        used        free      shared  buff/cache   available
Mem:           62Gi       2.0Gi        59Gi       204Mi       1.7Gi        59Gi
Swap:         2.0Gi        23Mi       2.0Gi

Kernel parameters:
# cat /proc/cmdline
BOOT_IMAGE=(hd0,gpt2)/vmlinuz-5.10.134-81.git.c8c2ab7ed4.an8.x86_64 root=UUID=7abc2f8a-cff9-4d7d-bc81-d6ae1d26954a ro console=tty0 console=ttyS1,115200 cgroup.memory=nokmem crashkernel=0M-2G:0M,2G-8G:192M,8G-:256M kfence.sample_interval=100

[Reproduction steps]:
git clone https://gitee.com/anolis/security-benchmark.git
cd scanners/system-configurations
Run the test case:
sh 4.27-ensure-no-ungrouped-files-or-directories-exist.sh

[Expected result]: the case passes

[Actual result]: the case fails

[Test analysis]:
The case mainly checks the system configuration item kernel.randomize_va_space.
1. sysctl kernel.randomize_va_space check: the value of kernel.randomize_va_space is expected to be 2.
2. grep -Psq "^kernel\.randomize_va_space\s+=\s+2" /run/sysctl.d/*.conf /etc/sysctl.d/*.conf /usr/local/lib/sysctl.d/*.conf /usr/lib/sysctl.d/*.conf /lib/sysctl.d/*.conf /etc/sysctl.conf check: the value of kernel.randomize_va_space in these configuration files is also expected to be 2.
During testing, check 2 did not pass: the configuration files contain no kernel.randomize_va_space entry, which causes the case to fail. Could the developers please confirm whether this needs attention.
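The two checks described in the test analysis, reproduced as an added example (this is not code from the security-benchmark project), with each check reported separately and a remediation that persists the setting. The drop-in file name 60-aslr.conf is an assumed choice. Reading /proc/sys/kernel/randomize_va_space directly stands in for the benchmark's sysctl pipeline. The pattern mirrors the one visible in the logs, which requires whitespace on both sides of '=': a line written as kernel.randomize_va_space=2 is accepted by sysctl but would still leave the benchmark failing, so the remediation writes it with spaces.

```shell
#!/bin/sh
# Added example, not code from the security-benchmark project: reproduces the
# two checks of the 4.14 ASLR case (live value, then a persisted setting in
# the sysctl config files) and adds a remediation.  The file name
# 60-aslr.conf is an assumption; any drop-in under /etc/sysctl.d would do.

# Check 1: the live kernel value.  The benchmark greps `sysctl` output;
# reading the /proc node is equivalent.  The optional path argument lets the
# function be exercised against a constructed file.
aslr_runtime_ok() {
    node="${1:-/proc/sys/kernel/randomize_va_space}"
    [ -r "$node" ] || return 1
    [ "$(cat "$node")" = "2" ]
}

# Mirrors the benchmark's pattern: whitespace is required around '=', so
# "kernel.randomize_va_space=2" is valid for sysctl but does not match here.
_aslr_conf_has_setting() {
    [ -f "$1" ] && grep -Eq '^kernel\.randomize_va_space[[:space:]]+=[[:space:]]+2' "$1"
}

# Check 2: the setting must be persisted in at least one *.conf inside the
# given directories, or in one of the given files.  Missing drop-ins plus an
# empty /etc/sysctl.conf, as on the failing machines, return 1.
aslr_persisted_ok() {
    for p in "$@"; do
        if [ -d "$p" ]; then
            for f in "$p"/*.conf; do
                _aslr_conf_has_setting "$f" && return 0
            done
        else
            _aslr_conf_has_setting "$p" && return 0
        fi
    done
    return 1
}

# Remediation: write a drop-in with spaces around '=' so that both sysctl
# and the benchmark's grep accept it.  Takes effect after `sysctl --system`.
aslr_persist() {
    conf="${1:-/etc/sysctl.d/60-aslr.conf}"   # assumed file name
    printf 'kernel.randomize_va_space = 2\n' > "$conf"
}

# Reports the checks separately, so the "runtime value is 2 but nothing
# persists it" situation from the bug report is visible at a glance.
aslr_report() {
    status=0
    if aslr_runtime_ok; then
        echo "runtime:   kernel.randomize_va_space = 2"
    else
        echo "runtime:   ASLR is not fully enabled"
        status=1
    fi
    if aslr_persisted_ok /run/sysctl.d /etc/sysctl.d /usr/local/lib/sysctl.d \
            /usr/lib/sysctl.d /lib/sysctl.d /etc/sysctl.conf; then
        echo "persisted: setting found in a sysctl config file"
    else
        echo "persisted: not set in any sysctl config file (the benchmark fails here)"
        status=1
    fi
    return $status
}

# Usage: `sh aslr.sh --check` to diagnose, `sh aslr.sh --apply` (as root)
# to write the drop-in, reload all sysctl files and re-check.
case "${1:-}" in
    --check) aslr_report ;;
    --apply) aslr_persist && sysctl --system >/dev/null && aslr_report ;;
esac
```

On the machines in this report aslr_report is expected to print the runtime line as passing and the persisted line as failing, which is exactly why the benchmark case fails even though ASLR is active; --apply closes the gap without touching the kernel default.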
[ANCK-4.19][x86_64][nightly] has the same problem. Case execution log:
# sh -x ./'4.14-ensure-address-space-layout-randomization-(ASLR)-is-enabled.sh'
+ result=false
+ sysctl kernel.randomize_va_space
+ grep -Psq '^kernel\.randomize\_va\_space\s+=\s+2$'
+ grep -Psq '^kernel\.randomize_va_space\s+=\s+2' '/run/sysctl.d/*.conf' /etc/sysctl.d/99-sysctl.conf '/usr/local/lib/sysctl.d/*.conf' /usr/lib/sysctl.d/10-default-yama-scope.conf /usr/lib/sysctl.d/50-coredump.conf /usr/lib/sysctl.d/50-default.conf /usr/lib/sysctl.d/50-libkcapi-optmem_max.conf /usr/lib/sysctl.d/50-pid-max.conf /lib/sysctl.d/10-default-yama-scope.conf /lib/sysctl.d/50-coredump.conf /lib/sysctl.d/50-default.conf /lib/sysctl.d/50-libkcapi-optmem_max.conf /lib/sysctl.d/50-pid-max.conf /etc/sysctl.conf
+ '[' false = true ']'
+ echo fail
fail
Kernel version:
# uname -r
4.19.91-822.git.23205a664c.an8.x86_64
Tested an8 016 on the N49 machine model: the case still fails. By contrast, on the F51 machine model the case passes, so it looks as if there is some relation to the machine model. On the passing machine the value of randomize_va_space queried with sysctl is 2, and the item is also present in /etc/sysctl.conf; on the failing machine /etc/sysctl.conf has no content at all, it is an empty file.
Test log:
# sh -x ./scanners/system-configurations/4.14-ensure-address-space-layout-randomization-\(ASLR\)-is-enabled.sh
+ result=false
+ sysctl kernel.randomize_va_space
+ grep -Psq '^kernel\.randomize\_va\_space\s+=\s+2$'
+ grep -Psq '^kernel\.randomize_va_space\s+=\s+2' '/run/sysctl.d/*.conf' /etc/sysctl.d/99-sysctl.conf '/usr/local/lib/sysctl.d/*.conf' /usr/lib/sysctl.d/10-default-yama-scope.conf /usr/lib/sysctl.d/50-coredump.conf /usr/lib/sysctl.d/50-default.conf /usr/lib/sysctl.d/50-libkcapi-optmem_max.conf /usr/lib/sysctl.d/50-pid-max.conf /lib/sysctl.d/10-default-yama-scope.conf /lib/sysctl.d/50-coredump.conf /lib/sysctl.d/50-default.conf /lib/sysctl.d/50-libkcapi-optmem_max.conf /lib/sysctl.d/50-pid-max.conf /etc/sysctl.conf
+ '[' false = true ']'
+ echo fail
fail
# uname -r
5.10.134-16_rc1.an8.x86_64
Version 016 is being tracked internally.